Split out policybuilder target

PiperOrigin-RevId: 505053801
Change-Id: Ic0ea4aa2334394e310af6d3a11f961bd4866f9dc

sandboxed_api/sandbox2/BUILD.bazel

@@ -311,7 +311,6 @@ cc_library(
     srcs = [
         "monitor.cc",
         "monitor.h",
-        "policybuilder.cc",
         "sandbox2.cc",
         "stack_trace.cc",
         "stack_trace.h",
@@ -344,6 +343,7 @@ cc_library(
         ":namespace",
         ":notify",
         ":policy",
+        ":policybuilder",
         ":regs",
         ":result",
         ":sanitizer",
@@ -384,6 +384,32 @@ cc_library(
     ],
 )
 
+cc_library(
+    name = "policybuilder",
+    srcs = ["policybuilder.cc"],
+    hdrs = ["policybuilder.h"],
+    copts = sapi_platform_copts(),
+    deps = [
+        ":mounts",
+        ":namespace",
+        ":policy",
+        "//sandboxed_api:config",
+        "//sandboxed_api/sandbox2/network_proxy:filtering",
+        "//sandboxed_api/sandbox2/util:bpf_helper",
+        "//sandboxed_api/util:file_base",
+        "//sandboxed_api/util:status",
+        "@com_google_absl//absl/base:core_headers",
+        "@com_google_absl//absl/container:flat_hash_set",
+        "@com_google_absl//absl/log",
+        "@com_google_absl//absl/log:check",
+        "@com_google_absl//absl/memory",
+        "@com_google_absl//absl/status",
+        "@com_google_absl//absl/status:statusor",
+        "@com_google_absl//absl/strings",
+        "@com_google_absl//absl/types:span",
+    ],
+)
+
 # Should be used in sandboxee code instead of :sandbox2 if it uses just
 # sandbox2::Client::SandboxMeHere() and sandbox2::Comms
 cc_library(
@@ -902,6 +928,7 @@ cc_test(
     ],
     deps = [
         ":comms",
+        ":policybuilder",
         ":sandbox2",
         "//sandboxed_api:config",
         "//sandboxed_api:testing",

sandboxed_api/sandbox2/CMakeLists.txt

@@ -288,8 +288,6 @@ target_link_libraries(sandbox2_executor
 add_library(sandbox2_sandbox2 ${SAPI_LIB_TYPE}
   monitor.cc
   monitor.h
-  policybuilder.cc
-  policybuilder.h
   sandbox2.cc
   sandbox2.h
   stack_trace.cc
@@ -301,7 +299,6 @@ target_link_libraries(sandbox2_sandbox2
           absl::cleanup
           absl::flat_hash_set
           absl::optional
-          absl::span
           absl::str_format
           absl::strings
           sapi::strerror
@@ -333,6 +330,7 @@ target_link_libraries(sandbox2_sandbox2
           sandbox2::network_proxy_server
           sandbox2::notify
           sandbox2::policy
+          sandbox2::policybuilder
           sandbox2::regs
           sandbox2::result
           sandbox2::sanitizer
@@ -343,6 +341,33 @@ target_link_libraries(sandbox2_sandbox2
           sandbox2::violation_proto
 )
 
+# sandboxed_api/sandbox2:policybuilder
+add_library(sandbox2_policybuilder ${SAPI_LIB_TYPE}
+  policybuilder.cc
+  policybuilder.h
+)
+add_library(sandbox2::policybuilder ALIAS sandbox2_policybuilder)
+target_link_libraries(sandbox2_policybuilder
+  PRIVATE absl::log
+          absl::memory
+          absl::status
+          sapi::base
+          sapi::config
+          sandbox2::bpf_helper
+          sandbox2::namespace
+          sapi::file_base
+          sapi::status
+  PUBLIC absl::check
+         absl::core_headers
+         absl::flat_hash_set
+         absl::span
+         absl::strings
+         absl::statusor
+         sandbox2::mounts
+         sandbox2::network_proxy_filtering
+         sandbox2::policy
+)
+
 # sandboxed_api/sandbox2:client
 add_library(sandbox2_client ${SAPI_LIB_TYPE}
   client.cc
@@ -994,10 +1019,11 @@ if(BUILD_TESTING AND SAPI_BUILD_TESTING)
     PRIVATE absl::strings
             sandbox2::bpf_helper
             sandbox2::comms
+            sandbox2::policybuilder
+            sandbox2::sandbox2
             sapi::testing
             sapi::status_matchers
             sapi::test_main
-    PUBLIC sandbox2::sandbox2
   )
   gtest_discover_tests_xcompile(sandbox2_policybuilder_test PROPERTIES
     ENVIRONMENT "TEST_TMPDIR=/tmp"